Tail-F, originally a Swedish company bought over by Cisco Systems, created a management agent software framework for network elements and applications – ConfD. If employed as a part of software – ConfD allows to be programmability an inherent part of it. This post will us a very tangible example of its power – while Linux natively doesn’t offer NETCONF to manage interfaces – with use of ConfD and special program that makes use of it – programmability is made possible.

ConfD uses, what most of up-to-speed network engineers should know, YANG – a data modeling language for NETCONF (if we treat NETCONF as a new SNMP then YANG is like SMI – “special version” of ASN.1 was for SNMP) – better description can be found here: http://www.tail-f.com/what-is-yang/

The way to depict what ConfD does is – let’s say if you create your own program that acts as a router and you need a CLI for e.g. show ip route and additionally you would like to have a possibility to check routes over the NETCONF then it’s going to be done automatically for you. ConfD will run as a process next to your routing process and will manage it’s configuration, offer CLI and NETCONF (also RESTCONF/SNMP/WebAPI if Premium version is used). Of course that means that a if you want to implement ConfD shall be a part of implementing your software, whole configuration, CLIs etc.

More on how ConfD works and its composition (for example there is a database – CDB – that keeps the config) can be found on Tail-F site.

Let’s get to business, demonstration of how it can be used is based on:

confd basic 6.3

ydk 0.7.1 (there will be a separate post on ydk, installation, usage and what is it)

The very reason for using confd 6.3 is that newer versions i.e. 6.4 and 6.6 use YDK 1.1 for modelling and example program I wanted to test with YDK on newer confd versions uses YANG 1.1 while YDK has just partial support for it (full support is for YDK 1.0 – RFC 6020).

access confd CLI by running confd_cli command unless you started using make cli that takes you directly to CLI

Run the example:

Example I would like to use is called linuxcfg but id doesn’t work out of the box. When both versions 6.3.and 6.4 are installed the Makefile in ipmibsdirectory must be overwritten in 6.3 examples folder:

From now on you are on your own….just kiddn’ in the next post I will show how to setup YDK and query linucfg over NETCONF with YANG models provided with this example. Now we have a running linuxcfg with confd that exposes NETCONF. More to follow…

What to do when you have a virtual machine image and for a example you need to some files contents like ssh config or so? Modified images can be uploaded to glance – repeating same step after running several VMs of the same type can be easily avoided in this way.

There are few tools that can be used for that purpose and are extremely powerful (most importantly, these are usually run in place :

Guestfish gives access to the filesystem – it is more powerful the virt-edit in a sense that it allows browsing through the filesystems rather than modifying a file that you know a path for. You can also create new files and add contents to them. Example sequence of step to perform is as follows:

When you get a qcow2 image with a given size – it can’t be simply changed on-the-fly while running a VM or by giving just more space to a VM flavor in OpenStack. Situation gets even more complex when image has LVs inside but fortunately by using guestfishand virt-resizeimage can be suited to one’s needs. Below are the steps that I used to perform such modifications:

Default image: image-name-250G.qcow2
Resized: image-name-750G.qcow2

1. Check which device to resize (this image has LVM created PV on /dev/sda2):

1

2

3

guestfish-aimage-name.qcow

run

pvs-full--SHOWS WHICH DEVICE TORESIZE

2. Resize image (from 250 to 750GB) – resizing is NOT performed in place:

1

2

cp image-name-250G.qcow2image-name-750G.qcow2

qemu-img resize image-name-750G.qcow2+500GB

3. Resize disk and specific device (in this case it is /dev/sda2) and LVM PV:

4. Go to guestfish and use free space on VGS to create additional LV, create additional filesystem and mount point (DISABLE 64bit flag on EXT4, required by this image as it uses outdated e2fsck
that doesn’t support 64bit option):

Recently I stumbled on a topic related to interconnecting 2 Juniper routers with Inter-AS Option B.

With this kind of connectivity it is not enough to have control plane working properly i.e. prefixes exchanged and visible in appropriate routing-instances on both ends – for data plane to work you need to have next-hop resolved – and it is implicit in case E-BGP peering is sourced with interface address. In case loopback is used as a source you need to have it resolved by:

either a LSP between the two ASBR (actually no label required, but it must appear in inet.3, it can even be a static dummy LSP)

or configure routing-options resolution rib bgp.l3vpn.0 resolution-ribs inet.0 which will allow L3VPN routes to be resolved in inet.0 instead of inet.3

More details can be found on the Juniper forum where I found the solution: